Y
Hacker News
new
|
ask
|
show
|
jobs
by
tom1337
276 days ago
How does a pull-through cache prevent this issue? Wouldn’t it also just pull the infected version from the upstream registry?
1 comments
pragma_x
276 days ago
I think it's implied that packages can be blocked and/or evicted from said cache administratively. This deliberately breaks builds, and forces engineers to upgrade/downgrade away from bad packages as needed.
link